
====================================================================

                                CERT-Renater

                    Note d'Information No. 2016/VULN163
_____________________________________________________________________

DATE                : 13/04/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Microsoft Office versions 2007,
                 2010, 2013, 2013 RT, 2016, for Mac 2011, 2016 for Mac,
                       Microsoft Office Compatibility Pack,
                       Microsoft Excel Viewer,
                       Microsoft Word Viewer,
                    Microsoft SharePoint Server version 2007, 2010, 2013,
                       Microsoft Office Web Apps version 2010, 2013.

======================================================================
KB3148775
https://technet.microsoft.com/en-us/library/security/MS16-042
_____________________________________________________________________

Microsoft Security Bulletin MS16-042 - Security Update for Microsoft 
Office -Critical (3148775)

Document Metadata

Bulletin Number: MS16-042

Bulletin Title: Security Update for Microsoft Office

Severity: Critical

KB Article: 3148775

Version: 1.0

Published Date: April 12, 2016


Executive Summary

This security update resolves vulnerabilities in Microsoft Office. The
most severe of the vulnerabilities could allow remote code execution if
a user opens a specially crafted Microsoft Office file. An attacker who
successfully exploited the vulnerabilities could run arbitrary code in
the context of the current user. Customers whose accounts are
configured to have fewer user rights on the system could be less
impacted than those who operate with administrative user rights.


Affected Software

Microsoft Office 2007

Microsoft Office 2010

Microsoft Office 2013

Microsoft Office 2013 RT

Microsoft Office 2016

Microsoft Office for Mac 2011

Microsoft Office 2016 for Mac

Microsoft Office Compatibility Pack Service Pack 3

Microsoft Excel Viewer

Microsoft Word Viewer

Microsoft SharePoint Server 2007

Microsoft SharePoint Server 2010

Microsoft SharePoint Server 2013

Microsoft Office Web Apps 2010

Microsoft Office Web Apps 2013


Vulnerability Information

Multiple Microsoft Office Memory Corruption Vulnerabilities

Multiple remote code execution vulnerabilities exist in Microsoft
Office software when the Office software fails to properly handle
objects in memory.
An attacker who successfully exploited the vulnerabilities could run
arbitrary code in the context of the current user. If the current user
is logged on with administrative user rights, an attacker could take
control of the affected system. An attacker could then install
programs; view, change, or delete data; or create new accounts with
full user rights. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than users who operate
with administrative user rights.

Exploitation of the vulnerabilities requires that a user open a
specially crafted file with an affected version of Microsoft Office
software. Note that where the severity is indicated as Critical in the
Affected Software and Vulnerability Severity Ratings table, the Preview
Pane is an attack vector for CVE-2016-0127. In an email attack scenario
an attacker could exploit the vulnerabilities by sending the specially
crafted file to the user and convincing the user to open the file. In a
web-based attack scenario an attacker could host a website (or leverage
a compromised website that accepts or hosts user-provided content) that
contains a specially crafted file that is designed to exploit the
vulnerabilities. An attacker would have no way to force users to visit
the website. Instead, an attacker would have to convince
users to click a link, typically by way of an enticement in an email or
Instant Messenger message, and then convince them to open the specially
crafted file. The security update addresses the vulnerabilities by
correcting how Office handles objects in memory.

The following tables contain links to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:


Vulnerability title   CVE number   Publicly disclosed    Exploited

Microsoft Office Memory
Corruption Vulnerability CVE-2016-0122  No                  No

Microsoft Office Memory
Corruption Vulnerability CVE-2016-0127  No                  No

Microsoft Office Memory
Corruption Vulnerability CVE-2016-0136  No                  No

Microsoft Office Memory
Corruption Vulnerability CVE-2016-0139  No                  No


==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================